authorization do
  
  #permessi di default : tutti li possiedono
  role :default do
    has_permission_on :restaurants, :to => [:index, :map ]
    has_permission_on :products, :to => [:index, ]
  end

  #guest : chiunque non sia registrato
  role :guest do
    includes :default
    has_permission_on :customers, :to => [ :new, :create]
  end

  role :administrator do
    includes :default
    has_permission_on :admin_restaurants, :to => :manage
    has_permission_on :admin_products, :to => :manage
  end

  role :restaurant do
    includes :default
    has_permission_on :restaurants, :to => :edit_self
    has_permission_on :restaurant_delivery_men, :to => :manage
    has_permission_on :restaurant_pizza_makers, :to => :manage
    has_permission_on :restaurant_orders, :to => [:index, :show, :edit]
  end

  role :customer do
    includes :default
    has_permission_on :customers, :to => :edit_self
    has_permission_on :orders, :to => [:new , :create, :edit, :update ,:destroy]
  end

  role :delivery_man do
    includes :default
    has_permission_on :delivery_men, :to => :edit_self
  end

  role :pizza_maker do
    includes :default
    has_permission_on :pizza_maker, :to => :edit_self
  end

end

# Questi sono dei privilegi standard da poter riutilizzare per i ruoli
privileges do
  privilege :manage do
    includes :new, :create, :index, :edit, :update, :destroy
  end

  privilege :edit_self do
    includes :edit, :update, :destroy
  end
end
